A week ago, Windows7 gorgeous listed. A week later, all online piracy Win7 on everywhere. Media to provide "Win7 download" to download malicious code points are not only hundreds of pages to be linked to horses, even those Mianjiaoguo version, crack version, simplified version of Win7 is also a great hidden danger. Recently, Microsoft announced the "security of Microsoft's cloud infrastructure" of the document, and this is the first time Microsoft has announced some measures to protect the safety of the content of clouds. U.S. experts blamed bureaucratic powers are unknown, network security is not given adequate attention, for which Obama has recently created a military command network to improve U.S. capacity to respond to information security.
1, Microsoft announced some security measures to protect cloud
Microsoft announced its cloud services for the security policy, what will eventually become the industry standard to ensure that these services? Microsoft, this approach to the security of the dawn.
Microsoft document titled "Microsoft's cloud infrastructure protection", highly summarized Microsoft to protect its infrastructure and its user data and applications which measures will be taken. Broadly speaking, these practices rely on risk assessment and defense in depth, and the risk of re-cycle assessment and develop new and appropriate measures to guarantee the development of leading edge on the threat. Microsoft also monitor the data confidentiality and integrity of the law, its compliance with these regulations.
Microsoft said that they cloud their annual review of infrastructure to meet the Payment Card Industry Standard (PCI), Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act (HIPAA, also known as "electronic exchange of medical bill") and the media rating of the Governing Council of the relevant requirements.
Mentioned in the document: "Recognizing that in a more comprehensive approach down latency Nu Li, streamlining management processes, and appropriate regulatory requirements Zai is currently very important development opportunities, OSSC to develop a comprehensive set of regulations out of compliance with Jia Gou." which referred to the people most concerned about (the launch meeting and maintenance) needs of all the requirements.
In addition, Microsoft will be the International Organization for Standardization (ISO) and the statements of auditing standards (SAS) 70 certification as a security measure cloud soundness standards.
How other people look at clouds with security-related measures are recommended as the basis for safety standards. After all, many cloud security challenges to be traditional (strict safety standards have been set up) shared computing environment, for the safety of using them as a cloud expansion modules can be of great significance.
2, lack of network security experts accused the United States and bureaucratic powers unknown
A reliance on technical means to solve the embarrassing fact that complex problems: technological innovation can not always meet the demand, and sometimes even unnecessary. In the area of national security, network security is the most obvious case of this argument, because to prevent information theft or sell the key is organization, not technology.
Obama has recently created a military command network is well with this in mind, but this is only the beginning of a safe. Information security battle will determine the winner in the cable channel, where more attention to detail who will come to do a better job.
Conflict to conflict, from the department network
In June, U.S. Defense Secretary Robert Gates (Robert Gates) authorized the establishment of the network command, this is the first devoted to the coordination of their armed forces and Pentagon computer network security and operational military organization. Gates plans to Lieutenant General Keith Alexander (Keith Alexander) as the network headquarters (Cybercom) the person in charge. Alexander is currently the National Security Agency (National Security Agency, NSA) in charge, and this is the most important U.S. national security organizations in the collection of communications intelligence entities.